1 year ago · 257cfc2390
--- a/common/constants.go
+++ b/common/constants.go
@@ -55,7 +55,8 @@ var TelegramOAuthEnabled = false
 
				 var TurnstileCheckEnabled = false
			
 
				 var RegisterEnabled = true
			
 
				 
			
 
				-var EmailDomainRestrictionEnabled = false
			
 
				+var EmailDomainRestrictionEnabled = false // 是否启用邮箱域名限制
			
 
				+var EmailAliasRestrictionEnabled = false  // 是否启用邮箱别名限制
			
 
				 var EmailDomainWhitelist = []string{
			
 
				 	"gmail.com",
			
 
				 	"163.com",
			
--- a/controller/misc.go
+++ b/controller/misc.go
@@ -120,12 +120,17 @@ func SendEmailVerification(c *gin.Context) {
 
				 		})
			
 
				 		return
			
 
				 	}
			
 
				+	parts := strings.Split(email, "@")
			
 
				+	if len(parts) != 2 {
			
 
				+		c.JSON(http.StatusOK, gin.H{
			
 
				+			"success": false,
			
 
				+			"message": "无效的邮箱地址",
			
 
				+		})
			
 
				+		return
			
 
				+	}
			
 
				+	localPart := parts[0]
			
 
				+	domainPart := parts[1]
			
 
				 	if common.EmailDomainRestrictionEnabled {
			
 
				-		parts := strings.Split(email, "@")
			
 
				-		localPart := parts[0]
			
 
				-		domainPart := parts[1]
			
 
				-
			
 
				-		containsSpecialSymbols := strings.Contains(localPart, "+") || strings.Count(localPart, ".") > 1
			
 
				 		allowed := false
			
 
				 		for _, domain := range common.EmailDomainWhitelist {
			
 
				 			if domainPart == domain {
			
@@ -133,20 +138,25 @@ func SendEmailVerification(c *gin.Context) {
 
				 				break
			
 
				 			}
			
 
				 		}
			
 
				-		if allowed && !containsSpecialSymbols {
			
 
				+		if !allowed {
			
 
				 			c.JSON(http.StatusOK, gin.H{
			
 
				 				"success": false,
			
 
				-				"message": "Your email address is allowed.",
			
 
				+				"message": "The administrator has enabled the email domain name whitelist, and your email address is not allowed due to special symbols or it's not in the whitelist.",
			
 
				 			})
			
 
				 			return
			
 
				-		} else {
			
 
				+		}
			
 
				+	}
			
 
				+	if common.EmailAliasRestrictionEnabled {
			
 
				+		containsSpecialSymbols := strings.Contains(localPart, "+") || strings.Count(localPart, ".") > 1
			
 
				+		if containsSpecialSymbols {
			
 
				 			c.JSON(http.StatusOK, gin.H{
			
 
				 				"success": false,
			
 
				-				"message": "The administrator has enabled the email domain name whitelist, and your email address is not allowed due to special symbols or it's not in the whitelist.",
			
 
				+				"message": "管理员已启用邮箱地址别名限制，您的邮箱地址由于包含特殊符号而被拒绝。",
			
 
				 			})
			
 
				 			return
			
 
				 		}
			
 
				 	}
			
 
				+
			
 
				 	if model.IsEmailAlreadyTaken(email) {
			
 
				 		c.JSON(http.StatusOK, gin.H{
			
 
				 			"success": false,
			
--- a/model/option.go
+++ b/model/option.go
@@ -44,6 +44,7 @@ func InitOptionMap() {
 
				 	common.OptionMap["DataExportEnabled"] = strconv.FormatBool(common.DataExportEnabled)
			
 
				 	common.OptionMap["ChannelDisableThreshold"] = strconv.FormatFloat(common.ChannelDisableThreshold, 'f', -1, 64)
			
 
				 	common.OptionMap["EmailDomainRestrictionEnabled"] = strconv.FormatBool(common.EmailDomainRestrictionEnabled)
			
 
				+	common.OptionMap["EmailAliasRestrictionEnabled"] = strconv.FormatBool(common.EmailAliasRestrictionEnabled)
			
 
				 	common.OptionMap["EmailDomainWhitelist"] = strings.Join(common.EmailDomainWhitelist, ",")
			
 
				 	common.OptionMap["SMTPServer"] = ""
			
 
				 	common.OptionMap["SMTPFrom"] = ""
			
@@ -174,6 +175,8 @@ func updateOptionMap(key string, value string) (err error) {
 
				 			common.RegisterEnabled = boolValue
			
 
				 		case "EmailDomainRestrictionEnabled":
			
 
				 			common.EmailDomainRestrictionEnabled = boolValue
			
 
				+		case "EmailAliasRestrictionEnabled":
			
 
				+			common.EmailAliasRestrictionEnabled = boolValue
			
 
				 		case "AutomaticDisableChannelEnabled":
			
 
				 			common.AutomaticDisableChannelEnabled = boolValue
			
 
				 		case "AutomaticEnableChannelEnabled":
			
--- a/web/src/components/SystemSetting.js
+++ b/web/src/components/SystemSetting.js
@@ -42,6 +42,7 @@ const SystemSetting = () => {
 
				     TurnstileSecretKey: '',
			
 
				     RegisterEnabled: '',
			
 
				     EmailDomainRestrictionEnabled: '',
			
 
				+    EmailAliasRestrictionEnabled: '',
			
 
				     SMTPSSLEnabled: '',
			
 
				     EmailDomainWhitelist: [],
			
 
				     // telegram login
			
@@ -99,6 +100,7 @@ const SystemSetting = () => {
 
				       case 'TelegramOAuthEnabled':
			
 
				       case 'TurnstileCheckEnabled':
			
 
				       case 'EmailDomainRestrictionEnabled':
			
 
				+      case 'EmailAliasRestrictionEnabled':
			
 
				       case 'SMTPSSLEnabled':
			
 
				       case 'RegisterEnabled':
			
 
				         value = inputs[key] === 'true' ? 'false' : 'true';
			
@@ -480,6 +482,14 @@ const SystemSetting = () => {
 
				               checked={inputs.EmailDomainRestrictionEnabled === 'true'}
			
 
				             />
			
 
				           </Form.Group>
			
 
				+          <Form.Group widths={3}>
			
 
				+            <Form.Checkbox
			
 
				+              label='启用邮箱别名限制（例如：[email protected]）'
			
 
				+              name='EmailAliasRestrictionEnabled'
			
 
				+              onChange={handleInputChange}
			
 
				+              checked={inputs.EmailAliasRestrictionEnabled === 'true'}
			
 
				+            />
			
 
				+          </Form.Group>
			
 
				           <Form.Group widths={2}>
			
 
				             <Form.Dropdown
			
 
				               label='允许的邮箱域名'